Security News
The Unpaid Backbone of Open Source: Solo Maintainers Face Increasing Security Demands
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
@esbuild/linux-riscv64
Advanced tools
The Linux RISC-V 64-bit binary for esbuild, a JavaScript bundler.
This is the Linux RISC-V 64-bit binary for esbuild, a JavaScript bundler and minifier. See https://github.com/evanw/esbuild for details.
0.20.1
Fix a bug with the CSS nesting transform (#3648)
This release fixes a bug with the CSS nesting transform for older browsers where the generated CSS could be incorrect if a selector list contained a pseudo element followed by another selector. The bug was caused by incorrectly mutating the parent rule's selector list when filtering out pseudo elements for the child rules:
/* Original code */
.foo {
&:after,
& .bar {
color: red;
}
}
/* Old output (with --supported:nesting=false) */
.foo .bar,
.foo .bar {
color: red;
}
/* New output (with --supported:nesting=false) */
.foo:after,
.foo .bar {
color: red;
}
Constant folding for JavaScript inequality operators (#3645)
This release introduces constant folding for the < > <= >=
operators. The minifier will now replace these operators with true
or false
when both sides are compile-time numeric or string constants:
// Original code
console.log(1 < 2, '🍕' > '🧀')
// Old output (with --minify)
console.log(1<2,"🍕">"🧀");
// New output (with --minify)
console.log(!0,!1);
Better handling of __proto__
edge cases (#3651)
JavaScript object literal syntax contains a special case where a non-computed property with a key of __proto__
sets the prototype of the object. This does not apply to computed properties or to properties that use the shorthand property syntax introduced in ES6. Previously esbuild didn't correctly preserve the "sets the prototype" status of properties inside an object literal, meaning a property that sets the prototype could accidentally be transformed into one that doesn't and vice versa. This has now been fixed:
// Original code
function foo(__proto__) {
return { __proto__: __proto__ } // Note: sets the prototype
}
function bar(__proto__, proto) {
{
let __proto__ = proto
return { __proto__ } // Note: doesn't set the prototype
}
}
// Old output
function foo(__proto__) {
return { __proto__ }; // Note: no longer sets the prototype (WRONG)
}
function bar(__proto__, proto) {
{
let __proto__2 = proto;
return { __proto__: __proto__2 }; // Note: now sets the prototype (WRONG)
}
}
// New output
function foo(__proto__) {
return { __proto__: __proto__ }; // Note: sets the prototype (correct)
}
function bar(__proto__, proto) {
{
let __proto__2 = proto;
return { ["__proto__"]: __proto__2 }; // Note: doesn't set the prototype (correct)
}
}
Fix cross-platform non-determinism with CSS color space transformations (#3650)
The Go compiler takes advantage of "fused multiply and add" (FMA) instructions on certain processors which do the operation x*y + z
without intermediate rounding. This causes esbuild's CSS color space math to differ on different processors (currently ppc64le
and s390x
), which breaks esbuild's guarantee of deterministic output. To avoid this, esbuild's color space math now inserts a float64()
cast around every single math operation. This tells the Go compiler not to use the FMA optimization.
Fix a crash when resolving a path from a directory that doesn't exist (#3634)
This release fixes a regression where esbuild could crash when resolving an absolute path if the source directory for the path resolution operation doesn't exist. While this situation doesn't normally come up, it could come up when running esbuild concurrently with another operation that mutates the file system as esbuild is doing a build (such as using git
to switch branches). The underlying problem was a regression that was introduced in version 0.18.0.
FAQs
The Linux RISC-V 64-bit binary for esbuild, a JavaScript bundler.
The npm package @esbuild/linux-riscv64 receives a total of 5,475,770 weekly downloads. As such, @esbuild/linux-riscv64 popularity was classified as popular.
We found that @esbuild/linux-riscv64 demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Solo open source maintainers face burnout and security challenges, with 60% unpaid and 60% considering quitting.
Security News
License exceptions modify the terms of open source licenses, impacting how software can be used, modified, and distributed. Developers should be aware of the legal implications of these exceptions.
Security News
A developer is accusing Tencent of violating the GPL by modifying a Python utility and changing its license to BSD, highlighting the importance of copyleft compliance.